AWS Single Sign-On Admin

2026/06/30 - AWS Single Sign-On Admin - 1 updated api methods

Changes  AWS IAM Identity Center now returns PrimaryRegion and Regions in the ListInstances response, providing information about replicated instances.

ListInstances (updated) Link ΒΆ
Changes (response)
{'Instances': {'PrimaryRegion': 'string',
               'Regions': [{'AddedDate': 'timestamp',
                            'IsPrimaryRegion': 'boolean',
                            'RegionName': 'string',
                            'Status': 'ACTIVE | ADDING | REMOVING'}]}}

Lists the details of the organization and account instances of IAM Identity Center that were created in or visible to the account calling this API.

See also: AWS API Documentation

Request Syntax

client.list_instances(
    MaxResults=123,
    NextToken='string'
)
type MaxResults:

integer

param MaxResults:

The maximum number of results to display for the instance.

type NextToken:

string

param NextToken:

The pagination token for the list API. Initially the value is null. Use the output of previous API calls to make subsequent calls.

rtype:

dict

returns:

Response Syntax

{
    'Instances': [
        {
            'InstanceArn': 'string',
            'IdentityStoreId': 'string',
            'OwnerAccountId': 'string',
            'Name': 'string',
            'CreatedDate': datetime(2015, 1, 1),
            'Status': 'CREATE_IN_PROGRESS'|'CREATE_FAILED'|'DELETE_IN_PROGRESS'|'ACTIVE',
            'StatusReason': 'string',
            'PrimaryRegion': 'string',
            'Regions': [
                {
                    'RegionName': 'string',
                    'Status': 'ACTIVE'|'ADDING'|'REMOVING',
                    'AddedDate': datetime(2015, 1, 1),
                    'IsPrimaryRegion': True|False
                },
            ]
        },
    ],
    'NextToken': 'string'
}

Response Structure

  • (dict) --

    • Instances (list) --

      Lists the IAM Identity Center instances that the caller has access to.

      • (dict) --

        Provides information about the IAM Identity Center instance.

        • InstanceArn (string) --

          The ARN of the Identity Center instance under which the operation will be executed. For more information about ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference.

        • IdentityStoreId (string) --

          The identifier of the identity store that is connected to the Identity Center instance.

        • OwnerAccountId (string) --

          The Amazon Web Services account ID number of the owner of the Identity Center instance.

        • Name (string) --

          The name of the Identity Center instance.

        • CreatedDate (datetime) --

          The date and time that the Identity Center instance was created.

        • Status (string) --

          The current status of this Identity Center instance.

        • StatusReason (string) --

          Provides additional context about the current status of the IAM Identity Center instance. This field is particularly useful when an instance is in a non-ACTIVE state, such as CREATE_FAILED. When an instance creation fails, this field contains information about the cause, which may include issues with KMS key configuration or insufficient permissions.

        • PrimaryRegion (string) --

          The primary Region where the IAM Identity Center instance was originally enabled. The primary Region cannot be removed.

        • Regions (list) --

          The list of Regions enabled in the IAM Identity Center instance, including Regions with ACTIVE, ADDING, or REMOVING status.

          • (dict) --

            Contains information about an enabled Region of an IAM Identity Center instance, including the Region name, status, date added, and whether it is the primary Region.

            • RegionName (string) --

              The Amazon Web Services Region name.

            • Status (string) --

              The current status of the Region. Valid values are ACTIVE (Region is operational), ADDING (Region extension workflow is in progress), or REMOVING (Region removal workflow is in progress).

            • AddedDate (datetime) --

              The timestamp when the Region was added to the IAM Identity Center instance. For the primary Region, this is the instance creation time.

            • IsPrimaryRegion (boolean) --

              Indicates whether this is the primary Region where the IAM Identity Center instance was originally enabled. The primary Region cannot be removed.

    • NextToken (string) --

      The pagination token for the list API. Initially the value is null. Use the output of previous API calls to make subsequent calls.